Search
CVE Explorer
Search the full tracked CVE corpus across every vendor — by keyword, vendor, severity, CVSS band and publication date. Server-rendered; each filtered view has its own URL.
01
Filters
Submit to refine — state is held in the URL.
02
Results
31,416 matching · page 164/629Each CVE id links to its NVD record.
| CVE | Severity | CVSS | Summary | Published |
|---|---|---|---|---|
| CVE-2025-62220(opens NVD record) | High | 8.8 | Heap-based buffer overflow in Windows Subsystem for Linux GUI allows an unauthorized attacker to execute code over a network. | Nov 11, 2025 |
| CVE-2025-62219(opens NVD record) | High | 7.0 | Double free in Microsoft Wireless Provisioning System allows an authorized attacker to elevate privileges locally. | Nov 11, 2025 |
| CVE-2025-62218(opens NVD record) | High | 7.0 | Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Wireless Provisioning System allows an authorized attacker to elevate privileges locally. | Nov 11, 2025 |
| CVE-2025-62217(opens NVD record) | High | 7.0 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | Nov 11, 2025 |
| CVE-2025-62216(opens NVD record) | High | 7.8 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | Nov 11, 2025 |
| CVE-2025-62215(opens NVD record) | High | 7.0 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kernel allows an authorized attacker to elevate privileges locally. | Nov 11, 2025 |
| CVE-2025-62214(opens NVD record) | Medium | 6.7 | Improper neutralization of special elements used in a command ('command injection') in Visual Studio allows an authorized attacker to execute code locally. | Nov 11, 2025 |
| CVE-2025-62213(opens NVD record) | High | 7.0 | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | Nov 11, 2025 |
| CVE-2025-62211(opens NVD record) | High | 8.7 | Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network. | Nov 11, 2025 |
| CVE-2025-62210(opens NVD record) | High | 8.7 | Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network. | Nov 11, 2025 |
| CVE-2025-62209(opens NVD record) | Medium | 5.5 | Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally. | Nov 11, 2025 |
| CVE-2025-62208(opens NVD record) | Medium | 5.5 | Insertion of sensitive information into log file in Windows License Manager allows an authorized attacker to disclose information locally. | Nov 11, 2025 |
| CVE-2025-62206(opens NVD record) | Medium | 6.5 | Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to disclose information over a network. | Nov 11, 2025 |
| CVE-2025-62205(opens NVD record) | High | 7.8 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | Nov 11, 2025 |
| CVE-2025-62204(opens NVD record) | High | 8.0 | Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | Nov 11, 2025 |
| CVE-2025-62203(opens NVD record) | High | 7.8 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | Nov 11, 2025 |
| CVE-2025-62202(opens NVD record) | High | 7.1 | Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | Nov 11, 2025 |
| CVE-2025-62201(opens NVD record) | High | 7.8 | Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | Nov 11, 2025 |
| CVE-2025-62200(opens NVD record) | High | 7.8 | Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | Nov 11, 2025 |
| CVE-2025-62199(opens NVD record) | High | 7.8 | Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | Nov 11, 2025 |
| CVE-2025-61831(opens NVD record) | High | 7.8 | Illustrator versions 28.7.10, 29.8.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | Nov 11, 2025 |
| CVE-2025-61820(opens NVD record) | High | 7.8 | Illustrator versions 28.7.10, 29.8.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | Nov 11, 2025 |
| CVE-2025-61819(opens NVD record) | High | 7.8 | Photoshop Desktop versions 26.8.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | Nov 11, 2025 |
| CVE-2025-60728(opens NVD record) | Medium | 4.3 | Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network. | Nov 11, 2025 |
| CVE-2025-60727(opens NVD record) | High | 7.8 | Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | Nov 11, 2025 |
| CVE-2025-60726(opens NVD record) | High | 7.1 | Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | Nov 11, 2025 |
| CVE-2025-60724(opens NVD record) | Critical | 9.8 | Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network. | Nov 11, 2025 |
| CVE-2025-60723(opens NVD record) | Medium | 6.3 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows DirectX allows an authorized attacker to deny service over a network. | Nov 11, 2025 |
| CVE-2025-60722(opens NVD record) | Medium | 6.5 | Improper limitation of a pathname to a restricted directory ('path traversal') in OneDrive for Android allows an authorized attacker to elevate privileges over a network. | Nov 11, 2025 |
| CVE-2025-60721(opens NVD record) | High | 7.8 | Privilege context switching error in Windows Administrator Protection allows an authorized attacker to elevate privileges locally. | Nov 11, 2025 |
| CVE-2025-60720(opens NVD record) | High | 7.8 | Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally. | Nov 11, 2025 |
| CVE-2025-60719(opens NVD record) | High | 7.0 | Untrusted pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | Nov 11, 2025 |
| CVE-2025-60718(opens NVD record) | High | 7.8 | Untrusted search path in Windows Administrator Protection allows an authorized attacker to elevate privileges locally. | Nov 11, 2025 |
| CVE-2025-60717(opens NVD record) | High | 7.0 | Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate privileges locally. | Nov 11, 2025 |
| CVE-2025-60716(opens NVD record) | High | 7.0 | Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally. | Nov 11, 2025 |
| CVE-2025-60715(opens NVD record) | High | 8.0 | Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. | Nov 11, 2025 |
| CVE-2025-60714(opens NVD record) | High | 7.8 | Heap-based buffer overflow in Windows OLE allows an unauthorized attacker to execute code locally. | Nov 11, 2025 |
| CVE-2025-60713(opens NVD record) | High | 7.8 | Untrusted pointer dereference in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally. | Nov 11, 2025 |
| CVE-2025-60710(opens NVD record) | High | 7.8 | Improper link resolution before file access ('link following') in Host Process for Windows Tasks allows an authorized attacker to elevate privileges locally. | Nov 11, 2025 |
| CVE-2025-60709(opens NVD record) | High | 7.8 | Out-of-bounds read in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | Nov 11, 2025 |
| CVE-2025-60708(opens NVD record) | Medium | 6.5 | Untrusted pointer dereference in Storvsp.sys Driver allows an authorized attacker to deny service locally. | Nov 11, 2025 |
| CVE-2025-60707(opens NVD record) | High | 7.8 | Use after free in Multimedia Class Scheduler Service (MMCSS) allows an authorized attacker to elevate privileges locally. | Nov 11, 2025 |
| CVE-2025-60706(opens NVD record) | Medium | 5.5 | Out-of-bounds read in Windows Hyper-V allows an authorized attacker to disclose information locally. | Nov 11, 2025 |
| CVE-2025-60705(opens NVD record) | High | 7.8 | Improper access control in Windows Client-Side Caching (CSC) Service allows an authorized attacker to elevate privileges locally. | Nov 11, 2025 |
| CVE-2025-60704(opens NVD record) | High | 7.5 | Missing cryptographic step in Windows Kerberos allows an unauthorized attacker to elevate privileges over a network. | Nov 11, 2025 |
| CVE-2025-60703(opens NVD record) | High | 7.8 | Untrusted pointer dereference in Windows Remote Desktop allows an authorized attacker to elevate privileges locally. | Nov 11, 2025 |
| CVE-2025-59515(opens NVD record) | High | 7.0 | Use after free in Windows Broadcast DVR User Service allows an authorized attacker to elevate privileges locally. | Nov 11, 2025 |
| CVE-2025-59514(opens NVD record) | High | 7.8 | Improper privilege management in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally. | Nov 11, 2025 |
| CVE-2025-59513(opens NVD record) | Medium | 5.5 | Out-of-bounds read in Windows Bluetooth RFCOM Protocol Driver allows an authorized attacker to disclose information locally. | Nov 11, 2025 |
| CVE-2025-59512(opens NVD record) | High | 7.8 | Improper access control in Customer Experience Improvement Program (CEIP) allows an authorized attacker to elevate privileges locally. | Nov 11, 2025 |